The Opera browser has announced a new security feature called Paste Protect that aims to stop clipboard-based cyberattacks before their malicious commands can be accidentally executed.
Opera claims it is the first major browser to offer native protection against ClickFix attacks – a growing form of social engineering that tricks users into copying and pasting malicious commands into a computer’s terminal. The new feature is built into Opera’s desktop browsers and enabled by default.
ClickFix attacks typically masquerade as routine troubleshooting prompts, such as fake CAPTCHA verification or video playback fixes. Once pasted and executed, the commands can install malware, steal passwords, or give attackers remote access to a device. Opera describes browsing risk as follows:
A ClickFix attack usually starts with something small and ordinary: a video that won’t play or a CAPTCHA that won’t actually verify that you’re human. A pop-up offers a fix, prompting you to copy a short command and paste it into your computer’s terminal. This looks like routine troubleshooting. In reality, this command can install malware, steal saved passwords, or give an attacker remote access to your machine, all done by the user’s own hands, on their own device.
Opera has a clipboard hijack protection feature that prevents external applications from silently overwriting copied content such as cryptocurrency wallet addresses. Paste Protect combines this with a new injection protection system that monitors clipboard activity for suspicious commands copied from websites and blocks potentially malicious content before it reaches the clipboard.
Users can see the first 120 characters of blocked content, and developers working with trusted sources can bypass blocking or mark specific sites as safe.
Opera cited a study by cybersecurity firm Huntress that found ClickFix accounted for more than 53% of malware-loading cyberattacks last year, indicating the technique’s rapid growth.
Apple itself introduced related protection for the Mac with the release of macOS Tahoe 26.4 earlier this year. Following the update, the operating system explicitly warns the user before pasting potentially dangerous commands into the Terminal app.
The Opera browser is now available as a free update and can be downloaded from the company’s website.
